Remapping component 
Step1 before Loading 



Loading of executable, remapping component 
Step 2 andnew.dll 



A export 1 = ? 
A+1 export2 = ? 
A+2 exports = ? 



Relocations 

• Set A to be contents of 
export 3 in new.dll 

• Set A+1 to be contents of 
export 2 in new.dll 

• Set A+2 to be contents of 
export 7 in another.dll 



Step 4 Execution Sequence 



1000 


call 1009 


1009 


jump to address in 1010 


3027 


<lnstructions to implement 




foo()> 



Fig. 3. 



Executable 


Remapping Component 


new.dll 


1000 call 1009 
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2000 exDort 1 - 


SOOOexDort 1 -3019 


1009 jump to 
address in 
1010 


2001 export2 = ? 

2002 exports = ? 


3001 export 2 = 3006 

3002 export 3 = 3027 


1010 data = ? 


set 2000 to be contents 
of export 3 in new.dll 




set 1010 to be 
contents of export 1 
inoriginal.dll 




3027 <instructionsto 
implement foo() 



Step 3 Complete the relocations 



Executable 


Remapping Component 


new.dll 


1000 call 1009 


2000 export 1 =3027 


3000 export 1=3019 


1009 jump to 


2001 export 2 = 3006 


3001 export 2 = 3006 


address 






in 1010 


2002 export 3 =4011 


3002 export 3 = 3027 


1010 data = 3027 










3027 <instructionsto 






implement foo() 
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Step 1 Executable loaded 
from address 1000 



Code 



1000 cam 009 



1 009 jump to address in 1 01 0 

1010 data=? 



Relocations 

Set 1 01 0 to be contents of export 1 
in original.dll 



Step 3 ^oad new.dll to provide functionaiity 



3000 export 1 =3019 

3001 export 2 = 3006 

3002 export 3 = 3027 

3027 <instructions to implement foo()> 



Step 2 remapping.dll loaded from 
address 2000 



2000 export 1=2015 

2001 export 2 = 2010 

2015 jump to address in 2016 

2016 data=? 

Relocation 

Set 201 6 to be contents of export 3 in new.dll 



Step 4 Complete the relocations 



1000 


call 1009 


2000 export 1 =2015 


3000 


export 1 =3019 


1009 


jump to address in 1 01 0 


2001 export 2 = 2010 


3001 


export 2 = 3006 


1010 


data = 2015 




3002 


export 3 = 3027 






2015 jump to address in 2016 










201 6 data = 3027 












3027 


<instructions to 










implement foo()> 



SteD 5 Execution Sequence 



1000 call 1009 

1 009 jump to address in 1 01 0 

2015 jump to address in 2016 

3027 <instructions to implement foo ()> 



Fig. 2, 
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Step 1 Executable before loading, e.g. 
In a file on disk 



Step 2 Executable loaded Into memory 
from address 1000 



Code 

A call A+9 



A+9 jump to address in A+1 0 
A+10 data = ? 



I 



Relocations 

Set A+1 0 to be contents of export 1 
in original.dll 



1000 call 1009 



1 009 jump to address in 1010 

1010 data = ? 



Still to process the relocations, now 
transferred into: set 1 01 0 to be contents 
of export 1 in original.dll 



Step 3 Recursively load requested 
DLLs e.g. original.dll 



4000 


export 1 = 4077 


4001 


export 2 = 4013 


4077 


< instructions to 




implement foo() > 



Step 4 Resolve imports 



1000 call 1009. 



1 009 jump to address in 1010 

1010 data = 4077 



Step 5 Execution Sequence 



1000 


call 1009 


1009 


jump to address in 1 01 0 


4077 


<instructions to 




implement foo()> 



Fig. 1 



